Re: AxKit and Apache version

Vaclav Barta Mon, 04 Feb 2008 03:21:06 -0800

On Monday 04 February 2008 11:21:01 Martin Oldfield wrote:
> Vaclav Barta writes:
>  > On Sunday 03 February 2008 17:08:27 Martin Oldfield wrote:
>  > > Matt Sergeant writes:
>  > >  > > Well, that works, but reminds me I really should upgrade
>  > >  > > libxml2... There are
>  > >  > > new versions of XML::LibXML & XML::LibXSLT - is there AxKit 1.x
>  > >  > > that's compatible with them?
>  > >  > See the patch recently posted to the list by Martin Oldfield.
>  > > Besides that, you'll also probably want this one:
>  > Well, they aren't enough. :-( The patched AxKit-1.7 (patch attached) on
>  > top of XML::LibXML-1.66, XML::LibXSLT-1.66, libxml2-2.6.30-r1 (gentoo
>  > ebuild) and libxslt-1.1.22 (also gentoo) fails with
>  >
>  > Mon Feb  4 10:11:38 2008] [error] [client 127.0.0.1] [AxKit]
>  > [Error] /german/style/frame-util.xsl:1: parser error : Document is
>  > empty\n\n^\n/german/style/frame-util.xsl
>  >
>  > where the XSL file is valid (provided the path is Apache htdocs path)
>  > and works with AxKit-1.62. Of course, there's always more combinations
>  > to try - do you have a working one?
> What a bore! Presumably it would be trivial to run apache under strace
> to see if it really is trying to open the right file ?
Well, strace gives


stat64("/german/style/frame-util.xsl", 0xbf8dac74) = -1 ENOENT (No such file 
or directory)
stat64("/var/www/localhost/htdocs/german/style/frame-util.xsl", 
{st_mode=S_IFREG|0644, st_size=25832, ...}) = 0
open("/var/www/localhost/htdocs/german/style/.htaccess", O_RDONLY|O_LARGEFILE) 
= -1 ENOENT (No such file or directory)
stat64("/var/www/localhost/htdocs/german/style/frame-util.xsl", 
{st_mode=S_IFREG|0644, st_size=25832, ...}) = 0
getgroups32(0, NULL)                    = 1
getgroups32(1, [65534])                 = 1
open("/var/www/localhost/htdocs/german/style/frame-util.xsl", O_RDONLY|
O_LARGEFILE) = 4

which has at least a potential of being right...

> I'm successfully doing XSLT stuff on a Debian box:
>
> These are standard Debian etch packages:
>     Package: libxml2
>     Version: 2.6.27.dfsg-2
>     Package: libxslt1.1
>     Version: 1.1.19-1
>     Package: libxml-libxslt-perl
>     Version: 1.59-1
Ah, so you might also have a vulnerable libxml2 (see 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284 ) - unless Debian 
fixed it, of course...

        Bye
                Vasek
--
http://www.mangrove.cz/
Open Source integration

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: AxKit and Apache version

Reply via email to